@sparring/tech-roles-library
Comprehensive tech roles and competencies library for 78 technical roles with 9 career levels each. Includes detailed competencies and career progression paths with complete bilingual support (EN/ES).
{
"role": "Security Operations Engineer",
"category": "Security",
"levels": {
"SOE-L1": {
"level": "L1 - SecOps Trainee",
"levelNumber": 1,
"yearsRange": {
"min": 0,
"max": 1
},
"coreCompetencies": [
"Basic knowledge of security operations",
"Elementary understanding of SIEM",
"Ability to monitor basic alerts",
"Basic knowledge of incident handling",
"Ability to triage with supervision",
"Understanding of security events",
"Incident documentation",
"Elementary knowledge of forensics"
],
"complementaryCompetencies": [
"Familiarity with security tools",
"Basic knowledge of networking",
"Elementary understanding of malware"
],
"indicators": [
"Requires constant supervision",
"Monitors basic alerts",
"Is learning SecOps"
]
},
"SOE-L2": {
"level": "L2 - Junior SecOps Engineer",
"levelNumber": 2,
"yearsRange": {
"min": 1,
"max": 2
},
"coreCompetencies": [
"Ability to respond to incidents",
"Implementation of security monitoring",
"Practical knowledge of SIEM/SOAR",
"Ability for basic threat hunting",
"Understanding of log analysis",
"Ability for containment",
"Knowledge of playbooks",
"Ability for escalation"
],
"complementaryCompetencies": [
"Knowledge of EDR tools",
"Ability for scripting",
"Understanding of threat intelligence"
],
"indicators": [
"Responds to incidents with supervision",
"Executes playbooks",
"Contributes to threat hunting"
]
},
"SOE-L3": {
"level": "L3 - Security Operations Engineer",
"levelNumber": 3,
"yearsRange": {
"min": 2,
"max": 3
},
"coreCompetencies": [
"Design of security monitoring",
"Implementation of detection rules",
"Mastery of incident response",
"Ability for threat hunting",
"Ability for forensic analysis",
"Deep knowledge of attack patterns",
"Implementation of SOAR workflows",
"Ability for security metrics"
],
"complementaryCompetencies": [
"Knowledge of malware analysis",
"Ability for threat intelligence",
"Understanding of cyber threat intelligence (CTI)"
],
"indicators": [
"Leads incident response",
"Designs detection logic",
"Mentors junior SecOps"
]
},
"SOE-L4": {
"level": "L4 - Senior SecOps Engineer",
"levelNumber": 4,
"yearsRange": {
"min": 3,
"max": 5
},
"coreCompetencies": [
"Architecture of SOC operations",
"Design of incident response strategy",
"Implementation of threat hunting programs",
"Mastery of advanced forensics",
"Ability for security orchestration",
"Deep knowledge of advanced persistent threat (APT) tactics",
"Ability for crisis management",
"Leadership in security incidents"
],
"complementaryCompetencies": [
"Experience in major breaches",
"Knowledge of threat actors",
"Implementation of automation"
],
"indicators": [
"Defines SOC strategy",
"Leads major incidents",
"Is a reference in SecOps"
]
},
"SOE-L5": {
"level": "L5 - Lead SecOps Engineer",
"levelNumber": 5,
"yearsRange": {
"min": 5,
"max": 7
},
"coreCompetencies": [
"Technical leadership in security operations",
"Design of SOC platforms",
"Management of SOC teams",
"Definition of incident response procedures",
"Ability for threat intelligence programs",
"Implementation of security automation",
"Mastery of metrics and KPIs",
"Evangelization of security awareness"
],
"complementaryCompetencies": [
"Experience in 24/7 operations",
"Knowledge of managed security service providers (MSSPs)",
"Management of tools budget"
],
"indicators": [
"Manages SOC team",
"Defines SecOps vision",
"Represents SOC to executives"
]
},
"SOE-L6": {
"level": "L6 - Principal SOC Architect",
"levelNumber": 6,
"yearsRange": {
"min": 7,
"max": 10
},
"coreCompetencies": [
"Direction of SOC strategy",
"Management of security operations at scale",
"Definition of SOC architecture",
"Leadership in SOC transformation",
"Management of major security incidents",
"Implementation of global SOC",
"Innovation in detection",
"Management of threat intelligence"
],
"complementaryCompetencies": [
"Experience in SOC design",
"Knowledge of security investment",
"Leadership in SecOps community"
],
"indicators": [
"Directs SOC department",
"Participates in executive strategy",
"Defines SOC investments"
]
},
"SOE-L7": {
"level": "L7 - Director Security Operations",
"levelNumber": 7,
"yearsRange": {
"min": 10,
"max": 12
},
"coreCompetencies": [
"Executive leadership in security operations",
"Design of global SOC strategies",
"Transformation of incident response",
"Management at Fortune 500 scale",
"Creation of security operations culture",
"Definition of SOC roadmap",
"Evangelization at board level",
"Influence in security operations"
],
"complementaryCompetencies": [
"Management of multi-million dollar SOC budgets",
"Experience in global SOCs",
"Leadership in security community"
],
"indicators": [
"Reports to CISO",
"Manages SOC organization (30+ people)",
"Defines SecOps strategy"
]
},
"SOE-L8": {
"level": "L8 - VP Security Operations",
"levelNumber": 8,
"yearsRange": {
"min": 12,
"max": 15
},
"coreCompetencies": [
"Strategic vision of security operations",
"Leadership in SOC transformation",
"Creation of detection advantage",
"Management of SOC ecosystems",
"Innovation in threat hunting",
"Definition of next-gen SOC",
"Evangelization of proactive security",
"Influence in security policies"
],
"complementaryCompetencies": [
"Experience in security giants",
"Advisory in SecOps startups",
"Thought leadership in SOC"
],
"indicators": [
"Is part of executive committee",
"Defines SOC strategy",
"Is a recognized leader"
]
},
"SOE-L9": {
"level": "L9 - Chief Security Operations Officer",
"levelNumber": 9,
"yearsRange": {
"min": 15,
"max": null
},
"coreCompetencies": [
"Visionary leadership in security operations",
"Transformation of detection and response",
"Creation of SOC paradigms",
"Definition of proactive security",
"Innovation in threat detection",
"Evangelization of security vigilance",
"Architect of SOC ecosystems",
"Influence in security operations"
],
"complementaryCompetencies": [
"Experience transforming SOC in Fortune 100",
"Recognition as SOC leader",
"Influence in security standards"
],
"indicators": [
"Is Chief Security Operations Officer",
"Defines future of SOC",
"Is a world authority"
]
}
}
}